Remote State Estimation in the Presence of an Active Eavesdropper

We consider remote state estimation in the presence of an active eavesdropper. A sensor forward local state estimates to a remote estimator over a network, which may be eavesdropped by an intelligent adversary. Aiming at improving the eavesdropping performance efficiently, the adversary may adaptively alternate between an eavesdropping and an active mode. In contrast to eavesdropping, the active attack enables the adversary to sabotage the data transfer to the estimator, and improve the data reception to itself at the same time. However, launching active attacks may increase the risk of being detected. As a result, a tradeoff between eavesdropping performance and stealthiness arises. We present a generalized framework for active eavesdropping and propose a criterion based on the packet reception rate at the estimator to evaluate the stealthiness of the eavesdropper. Moreover, the tradeoff is formulated as a constrained Markov decision process. After deriving a sufficient condition under which at least one stationary policy satisfies the stealthiness constraint and also bounds the eavesdropping performance, we develop an optimal attack policy for the eavesdropper and focus on the structural analysis of the optimal policy. Furthermore, numerical examples are provided to illustrate the developed results.